MashSSL Incubator Group Charter

The mission of the MashSSL Incubator
Group, part of the Incubator Activity, is
to create an open security protocol to solve a fundamental
Internet security problem. Specifically, when two web
applications communicate through a potentially untrusted user
they do not have any standard way of mutually authenticating
each other and establishing a trusted channel. This problem
which has existed for a long time (e.g. an eCommerce site
creating a link to Paypal), and is usually solved using
proprietary cryptography and special purpose credentials. The
problem is becoming much more widespread with the advent of
various mashup technologies, for instance cross domain XHR. The
W3C Cross-Origin Resource Sharing (CORS) Working
Draft does address the issue of protecting an honest user
visiting a malicious or compromised site, from malware that
unobtrusively accesses other legitimate sites the user might be
logged onto. However, that specification, was not intended to,
nor does it in any way, protect legitimate sites from a
malicious user. Other examples where the problem manifests is
in federation protocols like SAML and OpenID where it Identity
Providers and Relying Parties have to authenticate each other.
The recent "session
fixation" vulnerability discovered in the OAuth delegated
authorization protocol is another example of exactly the same
problem. In each case the problem tends to be "solved" with
untested cryptography and requires a new credentialing trust
infrastructure and still more credentials for an organization
to manage.

The MashSSL Incubator Group aims to produce a
recommendation for a common building-block standard that can be
used in multiple use cases where this problem occurs. Further,
it is our intent to develop a recommendation for a standard
that leverages the proven SSL protocol, and allows
organizations to use SSL certificates with which they are
familiar, to solve the problem. Currently SSL is a two-party
protocol operating at the transport level. MashSSL will be a
multi-party version that inherits all of SSL's security
attributes but runs within HTTP.

Scope

When two web applications attempt to establish mutual
authentication and encryption via user's browser, they face
the challenge that the user might be malicious or that the
user's browser is infected with malware. Being able to
establish such mutual trust, assuming a malicious adversary
at the user's browser, is a common problem faced in a number
of varied situations ranging from cross domain XHR to payment
protocols. Either the problem goes unaddressed, or else,
proprietary, often unproven, cryptography is used, which
means more crypto software for the web site, a new type of
credential to provision, obtain and manage. The scope of our
work is to create an open, secure standard standard for
solving this problem.

A proprietary protocol based on SSL, called MashSSL, has
been developed by SafeMashups Inc., which addresses the above
problem. SafeMashups has agreed to donate the currently
proprietary protocol towards becoming a standard that
addresses the problem outlined above. Our goal is to refine
and improve that protocol and make a recommendation for an
open MashSSL protocol.

Success Criteria

The XG will be deemed successful if and when it produces
the deliverables outlined below.

Deliverables

A report describing a specification that can be
considered for entry into the W3C standardization
process.
- Sample implementation(s) of the technology described in
the above report.

Dependencies

W3C Groups

External Groups

Participation

It is envisioned that almost all collaboration will take
place using a member-only mail list and a wiki. Occasional
webinars and teleconferences will augment the process.
Expected participation follows the W3C Process Document discussion of Good
Standing

Communication

This group primarily conducts its work on the public
mailing list public-xg-mashssl@w3.org (archive)
. The group's Member-only list is member-xg-mashssl@w3.org
(archive)

Decision Policy

As explained in the Process Document (section 3.3), this group will seek to make
decisions when there is consensus. When the Chair puts a
question and observes dissent, after due consideration of
different opinions, the Chair should record a decision
(possibly after a formal vote) and any objections, and move
on.

When deciding a substantive technical issue, the
Chair may put a question before the group. The Chair must
only do so during a group meeting, and at least two-thirds
of participants in Good Standing must be in attendance.
While multiple individuals from a single organization may
be part of the group, each organization will have only
one vote. When the Chair conducts a formal vote to reach a decision on a
substantive technical issue, eligible voters may vote on
a proposal one of three ways: for a proposal, against a
proposal, or abstain. For the proposal to pass there must
be more votes for the proposal than against. In case of a
tie, the Chair will decide the outcome of the
proposal.

This charter is written in accordance with Section 3.4, Votes of the W3C Process
Document and includes no voting procedures beyond what
the Process Document requires.

Patent Policy

This Incubator Group provides an opportunity to share
perspectives on the topic addressed by this charter. W3C
reminds Incubator Group participants of their obligation to
comply with patent disclosure obligations as set out in
Section 6 of the W3C Patent Policy. While
the Incubator Group does not produce Recommendation-track
documents, when Incubator Group participants review
Recommendation-track specifications from Working Groups,
the patent disclosure obligations do apply.

Incubator Groups have as a goal to produce work that can
be implemented on a Royalty Free basis, as defined in the
W3C Patent Policy.

Participants agree to offer patent licenses according to
the W3C Royalty-Free licensing requirements described in
Section 5 of the W3C Patent Policy for any
portions of the XG Reports produced by this XG that are
subsequently incorporated into a W3C Recommendation
produced by a Working Group which is chartered to take the
XG Report as an input. This licensing commitment may not be
revoked but may be modified through the Exclusion process
defined in Section 4 of the Patent Policy.

Participants in this Incubator Group wishing to exclude
essential patent claims from the licensing
commitment must join the Working Group created to work on
the XG Report and follow the normal exclusion procedures
defined by the Patent Policy. The W3C Team is responsible
for notifying all Participants in this Incubator Group in
the event that a new Working Group is proposed to develop a
Recommendation that takes the XG Report as an input.

Additional Information

There will be a MashSSL Alliance web site maintained at
mashssl.org which will list members provide a
brief introduction and include pointers to the relevant W3C
links.

About this Charter

This charter for the MashSSL Incubator Group has been
created according to the Incubator Group Procedures documentation. In the
event of a conflict between this document or the provisions
of any charter and the W3C Process, the W3C Process shall
take precedence.